<html>
<head><meta charset="utf-8"><title>Is prefetch unsafe? · t-lang/wg-unsafe-code-guidelines · Zulip Chat Archive</title></head>
<h2>Stream: <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/index.html">t-lang/wg-unsafe-code-guidelines</a></h2>
<h3>Topic: <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F.html">Is prefetch unsafe?</a></h3>

<hr>

<base href="https://rust-lang.zulipchat.com">

<head><link href="https://rust-lang.github.io/zulip_archive/style.css" rel="stylesheet"></head>

<a name="199030831"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is%20prefetch%20unsafe%3F/near/199030831" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Jim Hurd <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F.html#199030831">(May 28 2020 at 14:39)</a>:</h4>
<p>_mm_prefetch is marked unsafe; Is there any principle this follows? It's the only unsafe thing in my crate, and easy to audit, but was wondering if I should turn this into a 1 line pull request to mark it as safe? Thanks<br>
ref: pub unsafe fn _mm_prefetch(p: *const i8, strategy: i32) { ....}<br>
<a href="https://github.com/rust-lang/stdarch/blob/1a577bd78e84e357e29c5336ff8beb432873046b/crates/core_arch/src/x86/sse.rs">https://github.com/rust-lang/stdarch/blob/1a577bd78e84e357e29c5336ff8beb432873046b/crates/core_arch/src/x86/sse.rs</a></p>



<a name="199031374"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is%20prefetch%20unsafe%3F/near/199031374" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Lokathor <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F.html#199031374">(May 28 2020 at 14:42)</a>:</h4>
<p>all intrinsics are unsafe as a blanket default</p>



<a name="199031378"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is%20prefetch%20unsafe%3F/near/199031378" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> bjorn3 <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F.html#199031378">(May 28 2020 at 14:42)</a>:</h4>
<p><code>_mm_prefetch</code> is only safe when <code>sse</code> is supported by the processor.</p>



<a name="199031814"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is%20prefetch%20unsafe%3F/near/199031814" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Lokathor <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F.html#199031814">(May 28 2020 at 14:46)</a>:</h4>
<p>Note that Rust i686 and x86_64 targets have SSE and SSE2 enabled by default and it's already broken all over if the processor doesn't support that and you run the program.</p>
<p>If you want a pre-SSE target you'll need the i586 targets</p>



<a name="199032365"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is%20prefetch%20unsafe%3F/near/199032365" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Jim Hurd <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F.html#199032365">(May 28 2020 at 14:49)</a>:</h4>
<p><span class="user-mention silent" data-user-id="224471">Lokathor</span> <a href="#narrow/stream/136281-t-lang.2Fwg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F/near/199031374">said</a>:</p>
<blockquote>
<p>all intrinsics are unsafe as a blanket default</p>
</blockquote>
<p>That makes total sense, but do you think it makes sense to special case unmark this one? It can double the speed of some code, but any unsafe code in a crate is a red flag to some (with good reason, no one wants to audit other peoples code)</p>



<a name="199033994"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is%20prefetch%20unsafe%3F/near/199033994" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Lokathor <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F.html#199033994">(May 28 2020 at 15:00)</a>:</h4>
<p>Technically it's only a hint so the program shouldn't be any different with or without it as long as sse is present. I'd put it behind a cfg attribute:</p>
<div class="codehilite"><pre><span></span><code><span class="cp">#[cfg(target_feature=</span><span class="s">&quot;sse&quot;</span><span class="cp">)]</span><span class="w"></span>
<span class="p">{</span><span class="w"></span>
<span class="w">  </span><span class="k">unsafe</span><span class="p">{</span><span class="w"> </span><span class="c1">// prefetch however</span>
<span class="w">  </span><span class="p">}</span><span class="w"></span>
<span class="p">}</span><span class="w"></span>
</code></pre></div>



<a name="199034118"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is%20prefetch%20unsafe%3F/near/199034118" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Lokathor <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F.html#199034118">(May 28 2020 at 15:00)</a>:</h4>
<p>shouldn't be <em>operationally</em> different i mean, of course the goal is a <em>speed</em> difference.</p>



<a name="199034924"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is%20prefetch%20unsafe%3F/near/199034924" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Jim Hurd <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F.html#199034924">(May 28 2020 at 15:05)</a>:</h4>
<p>Agreed, its already marked #[target_feature(enable = "sse")] in stdarch/sse.rs. And marked this way in my crate, but I wondered if for the sake of other authors if the "unsafe" should be removed from <a href="http://sse.rs">sse.rs</a>; that would remove the angst about including unsafe code since my understanding is that prefetch is safe.</p>



<a name="199041455"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is%20prefetch%20unsafe%3F/near/199041455" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Jim Hurd <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F.html#199041455">(May 28 2020 at 15:53)</a>:</h4>
<p>I submitted it. We'll see if the maintainers are amused or annoyed.</p>



<a name="199042891"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is%20prefetch%20unsafe%3F/near/199042891" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Lokathor <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F.html#199042891">(May 28 2020 at 16:04)</a>:</h4>
<p>target_feature(enable) is actually quite different. That tells the compiler to <em>assume</em> the presence of the feature within the marked function, thus allowing inlining and so on.</p>



<a name="199043092"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is%20prefetch%20unsafe%3F/near/199043092" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Lokathor <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F.html#199043092">(May 28 2020 at 16:06)</a>:</h4>
<p>In general, none of the unsafe designations anywhere in <code>core::arch::*</code> can be removed always, and rust doesn't (yet) support things being unsafe or not based on enabled features. (that will roughly be how target_feature1.1 works though, once it's completed)</p>



<a name="199044516"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is%20prefetch%20unsafe%3F/near/199044516" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Jim Hurd <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F.html#199044516">(May 28 2020 at 16:18)</a>:</h4>
<p>Ah, Yes I see now "error[E0658]: <code>#[target_feature(..)]</code> can only be applied to <code>unsafe</code> functions<br>
    --&gt; crates\core_arch\src\x86\sse.rs:1836:1"  I guess this is a much bigger patch.  I will wait for target_feature1.1</p>



<a name="199049236"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is%20prefetch%20unsafe%3F/near/199049236" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Lokathor <a href="https://rust-lang.github.io/zulip_archive/stream/136281-t-lang/wg-unsafe-code-guidelines/topic/Is.20prefetch.20unsafe.3F.html#199049236">(May 28 2020 at 16:56)</a>:</h4>
<p>If you have the spare time could you file an issue about this on the <code>safe_arch</code> crate? <a href="https://github.com/Lokathor/safe_arch/issues">https://github.com/Lokathor/safe_arch/issues</a> I initially skipped pre-fetch wrapping when implementing SSE support since I was kinda unclear on how people would even want to call the function. If you could show the example of where you are doing a pre-fetch that would be helpful.</p>



<hr><p>Last updated: Aug 07 2021 at 22:04 UTC</p>
</html>